<?php
class Obj_System_AclPlugin extends Zend_Controller_Plugin_Abstract
{
	
    public function preDispatch(Zend_Controller_Request_Abstract $request) {
		$acl = Zend_Registry::get('acl');
		$user = Zend_Registry::get('SYS_USER');
		$action = $request->getActionName();
		$controller = $request->getControllerName();
		$module = $request->getModuleName();
		
		if (!$acl->has($module.':'.$controller)) {
			//check if we have access to module
			if ($acl->has($module) && $acl->isAllowed($user->usertype, $module, $action)) return true;
			
			$request->setControllerName('error');
			$request->setActionName('restricted');
			return;
		}
		
		if(!$acl->isAllowed($user->usertype, $module.':'.$controller, $action)) {
			$request->setControllerName('error');
			$request->setActionName('restricted');
			return;
		}
	}
}

